portrait

Поиск



[software] [catdoc] [tcl] [geography] [old things]

Права доступа к X-серверу

Have you ever been troubled with X magic cookie authenification, trying to start X-basing tool as root, when X display belongs to you, as ordinary user? I have, and decide to write stupid shell script to get around this problem. Note, that root can read your .Xauthority file. So, if you want to su to another user, you'll need more elaborate solution.

Of course before you start to need this, you need to enable xauth style authenification. If you are on that stage, read Quick quide by Donal K. Fellows.

There is several solutions

  • type
        xsu command 
       

    from xterm and then type password Note that xsu doesn't support all options of su

    #!/bin/sh
    # @(#) xsu - executes command as root in X11 with enabled autenification
    # command should be passed as one argument
    if [ -z "$DISPLAY" ]
    then
      echo "You are not running X11. Use plain su!"
      exit 1
    fi
    if [ -z "$1" ]
    then
      command=$SHELL
    else 
      command="$@"
    fi
    su -c "xauth merge `eval echo ~$USER`/.Xauthority;$command"
    
  • add following code to your root .bashrc file, and you would automatically recieve access to X server, when you are typing su (but not su -)
    # cut from root's .bashrc
    
    if [ -n $DISPLAY ] && [  "$USER" != root ]
    then
      XAUTHORITY=`eval echo ~$USER`/.Xauthority
      export XAUTHORITY
    fi
     
      
  • Add wmsu command in your window manager menu, and you'll be presented by small window to type password in before specified command would be run as root.
    #!/bin/sh
    # @(#) xsu - executes command as root in X11 with enabled autenification
    # command should be passed as one argument
    if [ -z "$DISPLAY" ]
    then
      echo "You are not running X11. Use plain su!" >&2
      exit 1
    fi
    if [ -z "$1" ]
    then
      echo "wmsu: no command supplied" >&2
      exit 1
    else 
      command=$@
    fi
    xterm -geometry=20x2 -title "Type password" -e su -c "\"xauth merge `eval echo ~$USER`/.Xauthority;$command\""
    
    

If you often need to login to remote machines and start X programs from there, you might want to use foreign_xterm script, which transfers correct authenification info to remote machine and runs xterm or specified command from there via rsh. It passes arguments to rsh and invoked command, so things like

foreign_xterm -l somebody somehost -e mc
would work. If called after name foreign_xapp it doesn't spawn xterm - just transfer authorization token and start desired command setting right value for DISPLAY variable.

Note, that if you use ssh, you don't need such tricks - it does them for you. But, if you are using some other daemons such as Network Audio or floppyd you might need it anyway